Published: 08/06/2010 Updated: 12/10/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 940

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote malicious users to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability."

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft excel 2002
microsoft office 2004

''' __ __ ____ _ _ ____ | \/ |/ __ \ /\ | | | | _ \ | \ / | | | | / \ | | | | |_) | | |\/| | | | |/ /\ \| | | | _ < (day 21 binary analysis) | | | | |__| / ____ \ |__| | |_) | |_| |_|\____/_/ \_\____/|____/ ''' Title : Microsoft Excel WOPT Record Parsing Heap Memory Corruption Versi ...

''' __ __ ____ _ _ ____ | \/ |/ __ \ /\ | | | | _ \ | \ / | | | | / \ | | | | |_) | | |\/| | | | |/ /\ \| | | | _ < (day 16 binary anlysis) | | | | |__| / ____ \ |__| | |_) | |_| |_|\____/_/ \_\____/|____/ ''' Title : Microsoft Excel HFPicture Record Parsing Remote Code Execution Vul ...

CWE-94 http://osvdb.org/65235 http://www.us-cert.gov/cas/techalerts/TA10-159B.html http://www.securityfocus.com/bid/40526 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7223 http://www.securityfocus.com/archive/1/511765/100/0/threaded https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038 https://nvd.nist.gov https://www.exploit-db.com/exploits/15065/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-1248

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect